/**
 * OnBeforeProlog handler: runs the request security filter unless the request is exempt.
 *
 * Exempt cases, in order: CLI execution; a request URI matching a configured filter mask;
 * a user with skip rights whose request carries a valid bitrix sessid and does not set
 * ____SECFILTER_CONVERT_JS to a truthy value. A privileged user without a valid sessid
 * (or one that asks for JS conversion) is still filtered.
 */
public static function OnBeforeProlog()
{
	if (CSecuritySystemInformation::isCliMode())
	{
		return;
	}

	if (CSecurityFilterMask::Check(SITE_ID, $_SERVER["REQUEST_URI"]))
	{
		return;
	}

	// The flag counts as "not requested" when absent OR falsy ("", "0"), so the value is tested, not just isset().
	$convertJsRequested = isset($_POST['____SECFILTER_CONVERT_JS']) && $_POST['____SECFILTER_CONVERT_JS'];

	// Rights are checked first; the sessid check only runs for privileged users (same short-circuit order as before).
	if (self::currentUserHaveRightsForSkip() && check_bitrix_sessid() && !$convertJsRequested)
	{
		return;
	}

	$filter = new CSecurityFilter();
	$filter->process();
}
/**
 * OnPageStart handler: applies the host restriction check to the current request.
 *
 * Does nothing under CLI. The instance is created with late static binding so that a
 * subclass registering this handler gets its own process() implementation.
 */
public static function onPageStart()
{
	if (\CSecuritySystemInformation::isCliMode())
	{
		return;
	}

	/** @var HostRestriction $restriction */
	$restriction = new static();
	$restriction->process();
}
/**
 * OnEndBufferContent handler: passes the page output buffer through the XSS detector
 * and replaces the buffer with whatever the detector returns.
 *
 * Skipped under CLI and for request URIs matching a configured filter mask.
 *
 * @param string $content Page output buffer, replaced in place.
 */
public static function OnEndBufferContent(&$content)
{
	if (CSecuritySystemInformation::isCliMode())
		return;

	if (CSecurityFilterMask::Check(SITE_ID, $_SERVER["REQUEST_URI"]))
		return;

	$detector = new CSecurityXSSDetect();
	$content = $detector->process($content);
}
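/**
 * OnEndBufferContent handler: hands the page output buffer to the XSS detector.
 *
 * Skipped under CLI, for request URIs matching a configured filter mask, and — as a
 * fast path — when the buffer contains no closing script tag (the original comment's
 * assumption: such output probably holds no scripts to inspect). HTML tag names are
 * case-insensitive, so the fast-path check must accept `</SCRIPT` as well as `</script`;
 * otherwise a buffer that only uses upper/mixed case would never reach the detector.
 *
 * @param string $content Page output buffer (by reference; whether process() rewrites it
 *                        in place is not visible here).
 */
public static function OnEndBufferContent(&$content)
{
	if (CSecuritySystemInformation::isCliMode())
		return;

	if (CSecurityFilterMask::Check(SITE_ID, $_SERVER["REQUEST_URI"]))
		return;

	// Probably does not include the scripts. Case-insensitive match, as browsers treat tag names.
	if (!preg_match('#</script#i', $content))
		return;

	$filter = new CSecurityXSSDetect();
	$filter->process($content);
}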
/**
 * Current host name as reported by the system-information helper
 * (punycode form for cyrillic/IDN domains).
 *
 * @return string
 */
protected static function getDomainName()
{
	$host = CSecuritySystemInformation::getCurrentHost();

	return $host;
}
/**
 * OnPageStart handler of the antivirus feature.
 *
 * Loads the antivirus settings and white list into globals, scans any output already
 * buffered by auto_prepend_file, registers the shutdown-time scan, and delivers the
 * VIRUS_DETECTED notifications left unsent by a previous hit. Returns early under CLI
 * and for requests isSafetyRequest() treats as safe (per its comment, only GET and POST
 * requests are checked).
 *
 * Globals written: $BX_SECURITY_AV_TIMEOUT, $BX_SECURITY_AV_ACTION, $BX_SECURITY_AV_WHITE_LIST.
 */
function OnPageStart()
{
	if (CSecuritySystemInformation::isCliMode())
	{
		return;
	}
	if (self::isSafetyRequest())
	{
		//Check only GET and POST request
		return;
	}

	global $APPLICATION, $DB, $BX_SECURITY_AV_TIMEOUT, $BX_SECURITY_AV_ACTION;
	// Timeout is in minutes (it is subtracted from the minute field in the mktime() below);
	// both values are stored in globals for the analyser and the shutdown handler.
	$BX_SECURITY_AV_TIMEOUT = COption::GetOptionInt("security", "antivirus_timeout");
	$BX_SECURITY_AV_ACTION = COption::GetOptionInt("security", "antivirus_action");

	//user white list: substrings taken from GetWhiteList(), cached under "b_sec_white_list" (TTL 36000 s)
	global $BX_SECURITY_AV_WHITE_LIST, $CACHE_MANAGER;
	if ($CACHE_MANAGER->Read(36000, "b_sec_white_list"))
	{
		$BX_SECURITY_AV_WHITE_LIST = $CACHE_MANAGER->Get("b_sec_white_list");
	}
	else
	{
		$BX_SECURITY_AV_WHITE_LIST = array();
		$res = CSecurityAntiVirus::GetWhiteList();
		while ($ar = $res->Fetch())
		{
			$BX_SECURITY_AV_WHITE_LIST[] = $ar["WHITE_SUBSTR"];
		}
		$CACHE_MANAGER->Set("b_sec_white_list", $BX_SECURITY_AV_WHITE_LIST);
	}

	//Init DB in order to be able to register the event in the shutdown function
	CSecurityDB::Init();

	//Check if we started output buffering in auto_prepend_file
	//so we'll have chances to detect virus before prolog
	if (defined("BX_SECURITY_AV_STARTED"))
	{
		// Drain the pre-prolog buffer, analyse it, then re-emit it so no output is lost.
		$content = ob_get_contents();
		ob_end_clean();
		if (strlen($content))
		{
			$Antivirus = new CSecurityAntiVirus("pre");
			$Antivirus->Analyze($content);
			echo $content;
		}
	}

	//Initiate monitoring of output that can be after working antivirus.
	register_shutdown_function(array('CSecurityAntiVirus', 'PHPShutdown'));

	//Check notification from previous hit
	// The marker file is the cheap "something is pending" signal; the rows themselves are in b_sec_virus.
	$fname = $_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/managed_cache/b_sec_virus";
	if (file_exists($fname))
	{
		$rsInfo = $DB->Query("select * from b_sec_virus where SENT='N'");
		if ($arInfo = $rsInfo->Fetch())
		{
			// Table lock, presumably so two concurrent hits do not both send the same notification.
			if ($table_lock = CSecurityDB::LockTable('b_sec_virus', $APPLICATION->GetServerUniqID() . "_virus"))
			{
				$SITE_ID = false;
				do
				{
					$SITE_ID = $arInfo["SITE_ID"];
					if (strlen($arInfo["INFO"]))
					{
						// INFO holds a base64-encoded serialized event-log row.
						// NOTE(review): unserialize() of a DB-stored blob is only safe while nothing
						// request-controlled can write b_sec_virus.INFO — confirm the writers, or
						// restrict with the allowed_classes option (PHP >= 7.0).
						$arEvent = unserialize(base64_decode($arInfo["INFO"]));
						if (is_array($arEvent))
						{
							$DB->Add("b_event_log", $arEvent, array("DESCRIPTION"));
						}
					}
					// ID comes from the row just fetched, not from request input.
					CSecurityDB::Query("update b_sec_virus set SENT='Y' where ID='" . $arInfo["ID"] . "'", '');
				} while ($arInfo = $rsInfo->Fetch());

				// Purge rows older than the timeout. localtime() indices: [2]=hour, [1]=minute,
				// [3]=day of month, [4]=month (0-based), [5]=years since 1900; mktime() normalises
				// the negative minute value. Timezone offsetting is switched off around the
				// conversion, presumably so the comparison is made in server time.
				CTimeZone::Disable();
				$arDate = localtime(time());
				$date = mktime($arDate[2], $arDate[1] - $BX_SECURITY_AV_TIMEOUT, 0, $arDate[4] + 1, $arDate[3], 1900 + $arDate[5]);
				CSecurityDB::Query("DELETE FROM b_sec_virus WHERE TIMESTAMP_X <= " . $DB->CharToDateFunction(ConvertTimeStamp($date, "FULL")), '');
				CTimeZone::Enable();

				// One mail per batch, addressed from the site of the last processed row (falls back to the current site).
				CEvent::Send("VIRUS_DETECTED", $SITE_ID ? $SITE_ID : SITE_ID, array("EMAIL" => COption::GetOptionString("main", "email_from", "")));
				CSecurityDB::UnlockTable($table_lock);
				// Marker is removed only on the locked path; @ hides a failed unlink (e.g. already removed by a parallel hit).
				@unlink($fname);
			}
		}
	}
}
/**
 * OnPageStart handler of the IP-rule ("deny access by IP") feature.
 *
 * When at least one active rule exists and CheckAntiFile() does not report the bypass
 * marker, the request path is normalised and checked, together with the client address,
 * against the rules; a match includes the 403 page. Two evaluation strategies:
 *  - cached/PHP (default): rules, PREG masks and numeric IP ranges are loaded once into
 *    the managed cache and evaluated here with preg_match() and range comparisons;
 *  - SQL ($use_query = true, or CACHED_b_sec_iprule === false): one query does the
 *    matching through the LIKE_MASK columns.
 * Rule order matters in the PHP strategy: the first rule passing every stage blocks.
 *
 * @param bool $use_query Force the SQL strategy instead of the cached one.
 */
public static function OnPageStart($use_query = false)
{
	//ToDo: good candidate for refactoring
	global $DB, $CACHE_MANAGER;
	if (!CSecuritySystemInformation::isCliMode() && CSecurityIPRule::GetActiveCount())
	{
		// Bypass marker present (presumably the admin anti-lockout file): block nothing.
		if (CSecurityIPRule::CheckAntiFile())
		{
			return;
		}
		$bMatch = false;

		// Path part only, percent-decoded, runs of slashes collapsed — one canonical form for the masks.
		$uri = $_SERVER['REQUEST_URI'];
		if (($pos = strpos($uri, '?')) !== false)
		{
			$uri = substr($uri, 0, $pos);
		}
		$uri = urldecode($uri);
		$uri = preg_replace('#/+#', '/', $uri);

		//Block any invalid uri
		if (!static::isValidUri($uri))
		{
			include $_SERVER['DOCUMENT_ROOT'] . '/bitrix/admin/security_403.php';
		} //die inside
		// NOTE(review): relies on security_403.php terminating the request; if it ever
		// returned, matching would continue with the rejected URI — confirm.

		//Normalize on Windows, because my. == my
		if (CSecuritySystemInformation::isRunOnWin())
		{
			$uri = preg_replace('#(. )+[/\\\\]+#', '/', $uri);
		}

		// Client address as a number for the range comparisons below.
		// NOTE(review): REMOTE_ADDR is the TCP peer; behind a reverse proxy it is the proxy
		// address unless the front end rewrites it — confirm the deployment.
		$ip2check = CSecurityIPRule::ip2number($_SERVER["REMOTE_ADDR"]);

		if (!$use_query && CACHED_b_sec_iprule !== false)
		{
			// Cached strategy: build the rule table once (active, not yet expired rules only).
			$cache_id = "b_sec_iprule";
			if ($CACHE_MANAGER->Read(CACHED_b_sec_iprule, $cache_id, "b_sec_iprule"))
			{
				$arRules = $CACHE_MANAGER->Get($cache_id);
			}
			else
			{
				$arRules = array();
				$rs = $DB->Query("\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\tr.ID,\n\t\t\t\t\t\t\tr.ADMIN_SECTION,\n\t\t\t\t\t\t\tr.SITE_ID,\n\t\t\t\t\t\t\tr.ACTIVE_FROM_TIMESTAMP,\n\t\t\t\t\t\t\tr.ACTIVE_TO_TIMESTAMP\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tb_sec_iprule r\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tr.ACTIVE='Y'\n\t\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\t\tr.ACTIVE_TO IS NULL\n\t\t\t\t\t\t\t\tOR r.ACTIVE_TO >= " . $DB->CurrentTimeFunction() . "\n\t\t\t\t\t\t\t)\n\t\t\t\t\t");
				while ($ar = $rs->Fetch())
				{
					// Timestamps as ints (0 = unbounded on that side); mask/IP lists filled by the queries below.
					$ar["ACTIVE_FROM_TIMESTAMP"] = intval($ar["ACTIVE_FROM_TIMESTAMP"]);
					$ar["ACTIVE_TO_TIMESTAMP"] = intval($ar["ACTIVE_TO_TIMESTAMP"]);
					$ar["INCL_MASKS"] = array();
					$ar["EXCL_MASKS"] = array();
					$ar["INCL_IPS"] = array();
					$ar["EXCL_IPS"] = array();
					$arRules[$ar["ID"]] = $ar;
				}

				$rs = $DB->Query("\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\tim.IPRULE_ID,\n\t\t\t\t\t\t\tim.PREG_MASK\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tb_sec_iprule r\n\t\t\t\t\t\t\tINNER JOIN b_sec_iprule_incl_mask im on im.IPRULE_ID = r.ID\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tr.ACTIVE='Y'\n\t\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\t\tr.ACTIVE_TO IS NULL\n\t\t\t\t\t\t\t\tOR r.ACTIVE_TO >= " . $DB->CurrentTimeFunction() . "\n\t\t\t\t\t\t\t)\n\t\t\t\t\t");
				while ($ar = $rs->Fetch())
				{
					if (array_key_exists($ar["IPRULE_ID"], $arRules))
					{
						$arRules[$ar["IPRULE_ID"]]["INCL_MASKS"][] = $ar["PREG_MASK"];
					}
				}
				// A rule without an include mask can never match: drop it from the cache.
				foreach ($arRules as $ID => $ar)
				{
					if (count($ar["INCL_MASKS"]) <= 0)
					{
						unset($arRules[$ID]);
					}
				}

				$rs = $DB->Query("\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\tem.IPRULE_ID,\n\t\t\t\t\t\t\tem.PREG_MASK\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tb_sec_iprule r\n\t\t\t\t\t\t\tINNER JOIN b_sec_iprule_excl_mask em on em.IPRULE_ID = r.ID\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tr.ACTIVE='Y'\n\t\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\t\tr.ACTIVE_TO IS NULL\n\t\t\t\t\t\t\t\tOR r.ACTIVE_TO >= " . $DB->CurrentTimeFunction() . "\n\t\t\t\t\t\t\t)\n\t\t\t\t\t");
				while ($ar = $rs->Fetch())
				{
					if (array_key_exists($ar["IPRULE_ID"], $arRules))
					{
						$arRules[$ar["IPRULE_ID"]]["EXCL_MASKS"][] = $ar["PREG_MASK"];
					}
				}

				$rs = $DB->Query("\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\tii.IPRULE_ID,\n\t\t\t\t\t\t\tii.IP_START,\n\t\t\t\t\t\t\tii.IP_END\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tb_sec_iprule r\n\t\t\t\t\t\t\tINNER JOIN b_sec_iprule_incl_ip ii on ii.IPRULE_ID = r.ID\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tr.ACTIVE='Y'\n\t\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\t\tr.ACTIVE_TO IS NULL\n\t\t\t\t\t\t\t\tOR r.ACTIVE_TO >= " . $DB->CurrentTimeFunction() . "\n\t\t\t\t\t\t\t)\n\t\t\t\t\t");
				while ($ar = $rs->Fetch())
				{
					if (array_key_exists($ar["IPRULE_ID"], $arRules))
					{
						// Ranges as [start, end] floats — presumably because IPv4 values above 2^31
						// overflow int on 32-bit builds; confirm against ip2number().
						$arRules[$ar["IPRULE_ID"]]["INCL_IPS"][] = array(doubleval($ar["IP_START"]), doubleval($ar["IP_END"]));
					}
				}
				// Likewise a rule without an include range can never match.
				foreach ($arRules as $ID => $ar)
				{
					if (count($ar["INCL_IPS"]) <= 0)
					{
						unset($arRules[$ID]);
					}
				}

				$rs = $DB->Query("\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\tei.IPRULE_ID,\n\t\t\t\t\t\t\tei.IP_START,\n\t\t\t\t\t\t\tei.IP_END\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tb_sec_iprule r\n\t\t\t\t\t\t\tINNER JOIN b_sec_iprule_excl_ip ei on ei.IPRULE_ID = r.ID\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tr.ACTIVE='Y'\n\t\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\t\tr.ACTIVE_TO IS NULL\n\t\t\t\t\t\t\t\tOR r.ACTIVE_TO >= " . $DB->CurrentTimeFunction() . "\n\t\t\t\t\t\t\t)\n\t\t\t\t\t");
				while ($ar = $rs->Fetch())
				{
					if (array_key_exists($ar["IPRULE_ID"], $arRules))
					{
						$arRules[$ar["IPRULE_ID"]]["EXCL_IPS"][] = array(doubleval($ar["IP_START"]), doubleval($ar["IP_END"]));
					}
				}
				$CACHE_MANAGER->Set($cache_id, $arRules);
			}

			// Stages per rule: time window -> site/admin scope -> IP include/exclude -> path include/exclude.
			// Each stage either narrows $bMatch or `continue`s to the next rule.
			foreach ($arRules as $arRule)
			{
				//Check if this rule is active (0 on either side means unbounded; ACTIVE_TO was already filtered in SQL)
				if (($arRule["ACTIVE_FROM_TIMESTAMP"] <= 0 || $arRule["ACTIVE_FROM_TIMESTAMP"] <= time()) && ($arRule["ACTIVE_TO_TIMESTAMP"] <= 0 || $arRule["ACTIVE_TO_TIMESTAMP"] >= time()))
				{
					$bMatch = true;
				}
				else
				{
					$bMatch = false;
				}

				//Check if site does match: admin section rules vs. public rules (empty SITE_ID = every site)
				if ($bMatch)
				{
					if (defined("ADMIN_SECTION") && ADMIN_SECTION === true)
					{
						$bMatch = $arRule["ADMIN_SECTION"] == "Y";
					}
					else
					{
						// Loose comparison, as in the original; SITE_ID values are short strings.
						$bMatch = !$arRule["SITE_ID"] || $arRule["SITE_ID"] == SITE_ID;
					}
				}
				else
				{
					continue;
				}

				//Check if IP in blocked
				if ($bMatch)
				{
					$bMatch = false;
					foreach ($arRule["INCL_IPS"] as $arIP)
					{
						if ($ip2check >= $arIP[0] && $ip2check <= $arIP[1])
						{
							$bMatch = true;
							break;
						}
					}
					//IP is in blocked range so check if it is excluded
					if ($bMatch)
					{
						foreach ($arRule["EXCL_IPS"] as $arIP)
						{
							if ($ip2check >= $arIP[0] && $ip2check <= $arIP[1])
							{
								$bMatch = false;
								break;
							}
						}
					}
				}
				else
				{
					continue;
				}

				//IP does match to blocking condition let's check path
				// Masks are admin-configured PREG fragments, anchored here with ^...$ and the # delimiter.
				if ($bMatch)
				{
					$bMatch = false;
					foreach ($arRule["INCL_MASKS"] as $mask)
					{
						if (preg_match("#^" . $mask . "\$#", $uri))
						{
							$bMatch = true;
							break;
						}
					}
					//Check path for exclusion
					if ($bMatch)
					{
						foreach ($arRule["EXCL_MASKS"] as $mask)
						{
							if (preg_match("#^" . $mask . "\$#", $uri))
							{
								$bMatch = false;
								break;
							}
						}
					}
				}
				else
				{
					continue;
				}

				//Found blocking rule
				if ($bMatch)
				{
					break;
				}
			}
		}
		else
		{
			// SQL strategy: a rule matches when an include mask/range hits and no exclude
			// mask/range does (the LEFT JOINs turn "excluded" into a non-null em/ei row).
			// $uri and SITE_ID go through ForSQL(); $ip2check is interpolated unquoted, which is
			// only safe because ip2number() yields a number — confirm it cannot return a string
			// for malformed input.
			$strSql = "\n\t\t\t\t\tSELECT r.ID\n\t\t\t\t\tFROM\n\t\t\t\t\t\tb_sec_iprule r\n\t\t\t\t\t\tINNER JOIN b_sec_iprule_incl_mask im on im.IPRULE_ID = r.ID\n\t\t\t\t\t\tLEFT JOIN b_sec_iprule_excl_mask em on em.IPRULE_ID = r.ID AND '" . $DB->ForSQL($uri) . "' like em.LIKE_MASK\n\t\t\t\t\t\tINNER JOIN b_sec_iprule_incl_ip ii on ii.IPRULE_ID = r.ID\n\t\t\t\t\t\tLEFT JOIN b_sec_iprule_excl_ip ei on ei.IPRULE_ID = r.ID AND " . $ip2check . " between ei.IP_START and ei.IP_END\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tr.ACTIVE = 'Y'\n\t\t\t\t\t\tAND (r.ACTIVE_FROM IS NULL OR r.ACTIVE_FROM <= " . $DB->CurrentTimeFunction() . ")\n\t\t\t\t\t\tAND (r.ACTIVE_TO IS NULL OR r.ACTIVE_TO >= " . $DB->CurrentTimeFunction() . ")\n\t\t\t\t\t\t" . (defined("ADMIN_SECTION") && ADMIN_SECTION === true ? "AND r.ADMIN_SECTION = 'Y'" : "AND (r.SITE_ID IS NULL OR r.SITE_ID = '" . $DB->ForSQL(SITE_ID) . "')") . "\n\t\t\t\t\t\tAND '" . $DB->ForSQL($uri) . "' like im.LIKE_MASK\n\t\t\t\t\t\tAND em.IPRULE_ID is null\n\t\t\t\t\t\tAND " . $ip2check . " between ii.IP_START and ii.IP_END\n\t\t\t\t\t\tAND ei.IPRULE_ID is null\n\t\t\t\t";
			//echo "<pre>".htmlspecialcharsbx($strSql)."</pre>";
			$rs = $DB->Query($strSql);
			if ($arRule = $rs->Fetch())
			{
				$bMatch = true;
			}
			else
			{
				$bMatch = false;
			}
		}

		// A blocking rule matched: serve the 403 page (expected to terminate the request, see above).
		if ($bMatch)
		{
			include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/admin/security_403.php";
		}
	}
}
/**
 * System information (e.g. the PHP version) as collected by the
 * system-information helper.
 *
 * @return array
 */
protected static function getSystemInformation()
{
	$info = CSecuritySystemInformation::getSystemInformation();

	return $info;
}
/**
 * Whether openssl_random_pseudo_bytes() may be used on this installation.
 *
 * Memoised in a static local for the lifetime of the request. The function must exist;
 * on Windows it is additionally only accepted from PHP 5.4.0 upwards.
 *
 * @return bool
 */
protected static function isOpensslAvailable()
{
	static $result = null;
	if ($result !== null)
	{
		return $result;
	}

	$result = function_exists('openssl_random_pseudo_bytes');
	if ($result)
	{
		// Same short-circuit as before: the platform check only runs when the function exists.
		$result = !\CSecuritySystemInformation::isRunOnWin() || version_compare(phpversion(), "5.4.0", ">=");
	}

	return $result;
}
$errorMessage = GetMessage("MFD_ER_ER"); } } } else { $errorMessage = GetMessage("MFD_ER_SESS"); } } } else { $errorMessage = GetMessage("MFD_ER_DATE"); } } else { $errorMessage = GetMessage("MFD_ER_BUS") . "<br />"; } $host = CSecuritySystemInformation::getCurrentHostName(); $ip = gethostbyname($host); if (!CSecuritySystemInformation::isIpValid($ip)) { $ip = ""; } $APPLICATION->SetTitle(GetMessage("MFD_TITLE")); ?> <div class="bx-gadgetsadm-list-table-layout"> <div class="bx-gadgets-content"> <div class="adm-detail-content-wrap"> <div class="adm-detail-content"> <div class="adm-detail-title adm-detail-title-colored"><?php echo GetMessage("MFD_1"); ?> </div> <div class="ddos-info-container"> <img src="/bitrix/images/security/ddos-img.png" alt=""> <div class="ddos-info">
/**
 * Whether the OpenSSL random source has to be skipped on this installation.
 *
 * Memoised in a static local. True when openssl_random_pseudo_bytes() is missing, or
 * when running on Windows with PHP older than 5.4.0.
 *
 * @return bool
 */
protected function isOpensslSkipped()
{
	static $result = null;
	if ($result !== null)
	{
		return $result;
	}

	if (!function_exists('openssl_random_pseudo_bytes'))
	{
		$result = true;
	}
	else
	{
		// Present, but not trusted on Windows below PHP 5.4.0.
		$result = \CSecuritySystemInformation::isRunOnWin() && version_compare(phpversion(), "5.4.0", "<");
	}

	return $result;
}